This past weekend I configured an IPv6 DMZ host to play with inbound connections. I tried connecting from
Cloudflare Warp and from another FIOS customer. No traffic made it to the internal host. Traffic capture between the CR1000a and the ONT showed responses to outbound IPv6, but not the traffic initiated from outside. I was able to connect to an IPv4 DMZ host. Inbound IPv6 was working several months ago.
Dose anyone know what has changed?
Solved! Go to Correct Answer
The CR1000A has a IPv6 Firewall on it. Have you configured an IPv6 Pinhole for your application?
See page 92 (PDF page) on the manual: https://www.verizon.com/supportresources/content/dam/verizon/support/consumer/documents/internet/ver...
As for inbound traffic, it should still work. As long as the IPv6 address and prefixes are still routing to you. Not aware of any changes that would've happened to break IPv6 inbound connectivity.
The CR1000A has a IPv6 Firewall on it. Have you configured an IPv6 Pinhole for your application?
See page 92 (PDF page) on the manual: https://www.verizon.com/supportresources/content/dam/verizon/support/consumer/documents/internet/ver...
As for inbound traffic, it should still work. As long as the IPv6 address and prefixes are still routing to you. Not aware of any changes that would've happened to break IPv6 inbound connectivity.
I reported the problem to Verizon. They resolved it, though they didn't tell me the cause.
No problem with outbound IPv6; return traffic was routing properly. I configured a DMZ host rather than a pinhole. I don't recall pinholes being available on the Quantum Gateway. I'll have to give it a try. It looks like a better choice than configuring a DMZ host.
My troubleshooting may've been subpar. I relied on Cloudflare Warp on Linux to generate the inbound IPv6 traffic. Apparently, it wasn't actually passing IPv6. So there wasn't any inbound traffic outside the router for me to capture.
Start a new topic or ask questions in the open forum.
